Meanwhile, Malwarebytes is the latest victim, Symantec discovers a fourth piece of malware used in the massive attack campaign, and FireEye Mandiant releases a free tool to help spot signs of the attack.
A third piece of malware is uncovered, but there's still plenty of unknowns about the epic attacks purportedly out of Russia.
CEO Kevin Mandia shared some details on how his company rooted out the major cyberattack campaign affecting US government and corporate networks.
The attacks appear to be an "intelligence-gathering" mission, the agencies said.
Despite a pandemic and possibly the worst cyberattack campaign ever waged against the US, the year still had some bright spots when it came to "good" and creative hacks.
Agency says it has "evidence of additional initial access vectors" besides SolarWinds' Orion software.
Aftermath of the FireEye breach by Russia's foreign service agency raises concerns over what the attackers could do next - and how to defend against it.
"Novel techniques" used by the attackers cheated security tools and forensics, according to FireEye CEO Kevin Mandia.
National Grid Partners, Saudi Aramco Energy Ventures, and Hewlett Packard Enterprise led the latest funding round for the ICS/OT security company.
Machine learning-based products can be tricked to classify malware as a legitimate file, new findings show.
Researchers who last year hacked popular voice assistants with laser pointers take their work to the next level.
Verisign's R&D team has developed new ways to authenticate and optimize DNS traffic on the client side of the domain-name resolution process.
Former execs and employees share some insights into the testing firm's shutdown. What does it mean for the future of security product testing?
With more organizations shifting to cloud services in the pandemic, experts say the traditionally manual process of securing them will be replaced by automated tools in 2021 and beyond.
The testing firm's website says it has 'ceased operations' as of Oct. 15.